The issue of the information safety management in enterprises was characterized. The research of literature was conducted with the aim to present different defini-tions of the concept of information. The importance and the role of information for enterprises was defined. The approach of organizational units to the process of establishment of the safety management information system was presented. The role and importance of risk management and the estimation of risk in the information safety process was determined and the threats resulting from the use of social networking websites were discussed. It was attempted to find the reasons for the passive approach of enterprises to ensure the safety of information. It was shown that enterprises prefer savings over the safety of information and they often make investments in a situation when the information is already lost or another incident occurred that adversely affected their operation.